Interface for access management of FEMTO cell coverage

ABSTRACT

Access management of femto cell service through access control list(s), or “white list(s)” is disclosed. Such white list(s) can be configured via a networked interface which facilitates access management to a femto cell. White list(s) includes a set of subscriber station(s) identifier numbers, codes or tokens, and can also include additional fields for femto cell access management based on desired complexity. Various interfaces and user profiles are associated with granting different levels of access to requesting UEs.

CROSS-REFERENCE

This application claims the benefit of U.S. Provisional Application Ser. No. 61/052,813, filed May 13, 2008, entitled “MANAGEMENT OF ACCESS TO FEMTO CELL COVERAGE”, the entirety of which is incorporated herein by reference.

TECHNICAL FIELD

The present disclosure relates generally to wireless communications and, more particularly, to management of access to femto cell coverage by a subscriber and subscriber stations.

BACKGROUND

Femto cells—building-based wireless access points interfaced with a wired broadband network—are generally deployed to improve indoor wireless coverage provided by a wireless network operator. Femto cells typically operate in licensed portions of the electromagnetic spectrum, and generally offer plug-and-play installation; e.g., automatic configuration of femto access point. Improved indoor coverage includes stronger signal and improved reception (e.g., voice or sound), ease of session or call initiation and session or call retention as well. Coverage of a femto cell, or femto AP, is intended to be confined within the bounds of an indoor compound, in order to mitigate interference among mobile stations covered by a macro cell and terminals covered by the femto AP. Additionally, confined coverage can reduce cross-talk among terminals serviced by disparate, neighboring femto cells as well.

Coverage improvements via femto cells can also mitigate customer attrition as long as a favorable subscriber perception regarding voice coverage and other data services with substantive delay sensitivity is attained. A positive customer experience can depend on adequate access management to femto cell service.

SUMMARY

The following presents a simplified summary of the innovation in order to provide a basic understanding of some aspects of the invention. This summary is not an extensive overview of the invention. It is intended to neither identify key or critical elements of the invention nor delineate the scope of the invention. Its sole purpose is to present some concepts of the invention in a simplified form as a prelude to the more detailed description that is presented later.

System(s) and method(s) to manage access to femto cell service through access control list(s), or “white list(s)” are disclosed herein. Such white list(s) can be configured via a networked interface which facilitates access management to a femto cell. White list(s) includes a set of subscriber station(s) identifier numbers, codes or tokens, and can also include additional fields for femto cell access management based on desired complexity. Various example aspects such as white list(s) management, maintenance and dissemination; pre-configuration; and inclusion of wireless device(s) or subscriber(s) are discussed herein.

An aspect relates to a system that facilitates management of access to femto cell coverage. The system comprises an interface component and an access management component. The interface component configures an access control list for femto cell coverage. The access management component grants access to femto cell coverage based on the contents of the access control list. The interface component further comprises a user profile component that provides an interface to the user to grant a requesting UE access rights to the femto cell resources based at least on a profile associated with the user. For example, if the user is a primary administrator, a detailed interface is provided whereas for a secondary user, an abbreviated interface can be presented. The detailed interface can be employed to set a specific access level for a requesting UE whereas the abbreviated interface can grant temporary access (or a specified default level of access rights associated therewith) to a requesting UE. A timer is associated with the temporary access granted to the UE such that upon expiration of a time period associated with the timer, a request to extend access rights of the UE is forwarded to the user. The interface component further comprises an intelligent component that presents an appropriate interface based on one or more of the user profile or device parameters. The access management component can provide access to one or more requesting UEs based at least on a type of interface presented to the user by the interface. The interface component can also comprise a display component that displays IDs and/or access details of one or more UEs associated with the access control list in addition to various options to administer the access control list such as options to add, delete and/or edit numbers in the list.

Another aspect relates to a method of providing access to femto resources. The method comprises the steps of configuring an access control list for femto cell service and granting access to femto cell service according to the configured access control list. The access control list can be configured using a web based GUI (graphical user interface) that facilitates one or more of addition, deletion or editing of IDs associated with UEs accessing the femto resources. The web-based GUI can provide a component to display access details of one of more UEs included in the access control list. In accordance with a further aspect, the web based GUI is provided to a primary administrator of the femto cell such that the administrator can provide a desired access level to a requesting UE. The access control list can also be edited via an abbreviated interface. The abbreviated interface can be provided to a secondary user via one or more alternate devices supplied for receiving femto cell management notifications. The secondary user can grant temporary access to the femto resources to a requesting UE wherein a timer is associated with the temporary access. An extension notification is provided to the user upon expiration of a time period associated with the temporary access such that the user has an option to either extend or revoke the access rights granted to the UE.

Another aspect relates to a system for providing access to femto cell resources. The system comprises means for configuring an access control list for femto cell service. Means for granting access to femto cell service, also included in the system, grants access to a requesting UE according to the configured access control list.

In yet another aspect, a computer-readable medium having instructions stored thereon that aid in femto cell resource management is disclosed. When executed by a processor, the instructions cause a computer to configure an access control list for femto cell service. The instructions also aid in granting access to femto cell service according to the configured access control list.

To the accomplishment of the foregoing and related ends, the invention, then, comprises the features hereinafter fully described. The following description and the annexed drawings set forth in detail certain illustrative aspects of the invention. However, these aspects are indicative of but a few of the various ways in which the principles of the invention may be employed. Other aspects, advantages and novel features of the invention will become apparent from the following detailed description of the invention when considered in conjunction with the drawings.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 a schematic deployment of a macro cell and a femto cell for wireless coverage in accordance with aspects described herein.

FIG. 2 is a block diagram of an example system that facilitates selection of subscribers to access coverage from a femto cell in accordance with aspects disclosed herein.

FIG. 3 is a block diagram of an example system to share access control list(s), or white list(s), in accordance with aspects described herein.

FIG. 4 is a block diagram of an example system that manages access control lists, or white lists, in accordance with aspects described herein.

FIG. 5 is a block diagram of an example system that facilitates addition of subscriber(s)/subscriber station(s) to one or more white lists in accordance with aspects described in the subject specification.

FIG. 6 is a block diagram of an example system that manages a defined logic of how content(s) (e.g., MSISDNs) in access control list(s), or white list(s) is maintained on a white list database in accordance with aspects described herein.

FIG. 7 is a block diagram of an example system that initializes access control list(s), or white list(s), to femto coverage with subscriber station identifier numbers, codes or tokens available on a service account in accordance with aspects disclosed herein.

FIG. 8 is a block diagram of an example system that facilitates addition of wireless, mobile devices on an ad hoc basis in accordance with aspects described herein.

FIG. 9 is a block diagram of an example system that tracks subscriber station identifier numbers (e.g., MSISDNs), codes or tokens, associated with white list(s) on record with a femto service provider in accordance with aspects of the disclosed subject matter.

FIG. 10 presents a flowchart of an example method for managing access of subscribers and subscriber stations to femto cell coverage according to the disclosed subject matter.

FIG. 11 is a schematic diagram of an interface component that can be used to mange one or more white lists associated with a femto access point.

FIG. 12 illustrates a GUI that can be employed by users to configure the femto access point and manage various aspects associated with the femto cell access.

FIG. 13 shows a web based GUI that can be employed by the user to edit contents of a white list upon installation of the femto access point.

FIG. 14A and FIG. 14B illustrate different devices presenting the interface in accordance with different aspects.

FIG. 15 shows a methodology of providing white list management interface to a user in accordance with an aspect.

FIG. 16 relates to another aspect wherein the access rights granted to a UE can depend on the kind of interface that is used to grant the access rights.

FIG. 17 is a block diagram of an example femto access point that operates in accordance with aspects disclosed in the subject specification.

FIG. 18 illustrates example macro and femto wireless network environments that operate in accordance with the various aspects detailed herein.

DETAILED DESCRIPTION

The subject innovation is now described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It may be evident, however, that the present invention may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate describing the present invention.

As used in this application, the terms “component,” “system,” “platform,” and the like are intended to refer to a computer-related entity or an entity related to an operational machine with one or more specific functionalities. The entities disclosed herein can be either hardware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a server and the server can be a component. One or more components may reside within a process and/or thread of execution and a component may be localized on one computer and/or distributed between two or more computers. Also, these components can execute from various computer readable media having various data structures stored thereon. The components may communicate via local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a network such as the Internet with other systems via the signal).

In addition, the term “or” is intended to mean an inclusive “or” rather than an exclusive “or.” That is, unless specified otherwise, or clear from context, “X employs A or B” is intended to mean any of the natural inclusive permutations. That is, if X employs A; X employs B; or X employs both A and B, then “X employs A or B” is satisfied under any of the foregoing instances. Moreover, articles “a” and “an” as used in the subject specification and annexed drawings should generally be construed to mean “one or more” unless specified otherwise or clear from context to be directed to a singular form.

Moreover, terms like “user equipment,” “mobile station,” “mobile,” subscriber station,” “access terminal,” “terminal,” “handset,” and similar terminology, refer to a wireless device utilized by a subscriber or user of a wireless communication service to receive or convey data, control, voice, video, sound, gaming, or substantially any data-stream or signaling-stream. The foregoing terms are utilized interchangeably in the subject specification and related drawings. Likewise, the terms “access point,” “base station,” “Node B,” “evolved Node B,” “home Node B (HNB),” and the like, are utilized interchangeably in the subject application, and refer to a wireless network component or appliance that serves and receives data, control, voice, video, sound, gaming, or substantially any data-stream or signaling-stream from a set of subscriber stations. Data and signaling streams can be packetized or frame-based flows.

Furthermore, the terms “user,” “subscriber,” “customer,” “consumer,” “prosumer,” “agent,” and the like are employed interchangeably throughout the subject specification, unless context warrants particular distinction(s) among the terms. As utilized herein, the term “prosumer” indicate the following contractions: professional-consumer and producer-consumer.

The following abbreviations are relevant to the subject specification.

3G Third Generation

3GPP Third Generation Partnership Project

AGPS Assisted GPS

AP Access Point

ADSL Asymmetric Digital Subscriber Line

AWS Advanced Wireless Services

BRAS Broadband Remote Access Server

BTA Basic Trading Area

CN Core Network

CS Circuit-Switched

CSCF Call Session Control Function

CPE Customer Premise Equipment

CPN Customer Premise Network

DHCP Dynamic Host Configuration Protocol

DSL Digital Subscriber Line

DSLAM Digital Subscriber Line Access Multiplexer

E911 Enhanced 911

FCC Federal Communications Commission

FL Forward Link

GGSN Gateway GPRS Service Node

GPRS General Packet Radio Service

GPS Global Positioning System

GW Gateway

HAP Home Access Point

HSS Home Subscriber Server

ISDN Integrated Services Digital Network

UE User Equipment

UTRAN Universal Terrestrial Radio Access Network

IMS IP Multimedia Subsystem

IP Internet Protocol

ISP Internet Service Provider

MSA Metropolitan Statistical Areas

MSISDN Mobile Subscriber ISDN Number

MTA Major Trading Areas

NAT Network Address Translation

NTP Network Time Protocol

O&M Operation and Maintenance

PC Personal Computer

PCS Personal Communications Service

PS Packet-Switched

PSTN Public Switched Telephone Network

RAN Radio Access Network

RBS Radio Base Station

RL Reverse Link

RNC Radio Network Controller

RSA Rural Service Area

SGSN Serving GPRS Support Node

SIP Session Initiation Protocol

USSD Unstructured Supplementary Service Data

VPN Virtual Private Network

WAP Wireless Application Protocol

XDSL Asynchronous-DSL or Synchronous-DSL

Referring to the drawings, FIG. 1A illustrates a schematic wireless environment (e.g., a network) 100 in which a femto cell can exploits various aspects described in the subject specification. In wireless environment 100, area 105 represents a coverage macro cell which is served by base station 110. Macro coverage is generally intended for outdoors locations for servicing mobile wireless devices, like UE 120 _(A), and such coverage is achieved via a wireless link 115. In an aspect, UE 120 can be a 3GPP Universal Mobile Telecommunication System (UMTS) mobile phone.

Within macro coverage cell 105, a femto cell 145, served by a femto access point 130, can be deployed. A femto cell typically covers an area 125 that is determined, at least in part, by transmission power allocated to femto AP 130, path loss, shadowing, and so forth. Coverage area typically is spanned by a coverage radius that ranges from 20 to 50 meters. Confined coverage area 145 is generally associated with an indoors area, or a building, which can span about 5000 sq. ft. Generally, femto AP 130 typically services a few wireless devices (e.g., subscriber station 120 _(B)) within confined coverage area 145. In an aspect, femto AP 130 can integrate seamlessly with substantially any PS-based and CS-based network; for instance, femto AP 130 can integrate into an existing 3GPP Core via conventional interfaces like Iu-CS, Iu-PS, Gi, Gn. In another aspect, femto AP 130 can exploit high-speed downlink packet access in order to accomplish substantive bitrates. In yet another aspect, femto AP 130 has a LAC (location area code) and RAC (routing area code) that is different than the underlying macro network. These LAC and RAC are used to identify subscriber station location for a variety of reasons, most notably to direct incoming voice and data traffic to appropriate paging transmitters.

As a subscriber station, e.g., UE 120 _(A), leaves macro coverage (e.g., cell 105) and enters femto coverage (e.g., area 125), as illustrated in environment 100, UE 120 _(A) attempts to attach to the femto AP 130 through transmission and reception of attachment signaling, effected via a FL/RL 135; in an aspect, the attachment signaling can include a Location Area Update (LAU) and/or Routing Area Update (RAU). Attachment attempts are a part of procedures to ensure mobility, so voice calls and sessions can continue even after a macro-to-femto transition or vice versa. It is to be noted that UE 120 can be employed seamlessly after either of the foregoing transitions. Femto networks are also designed to serve stationary or slow-moving traffic with reduced signaling loads compared to macro networks. A femto service provider (e.g., an entity that commercializes, deploys, and/or utilizes femto access point 130) is therefore inclined to minimize unnecessary LAU/RAU signaling activity at substantially any opportunity to do so, and through substantially any available means. It is to be noted that substantially any mitigation of unnecessary attachment signaling/control is advantageous for femto cell operation. Conversely, if not successful, UE 120 is generally commanded (through a variety of communication means) to select another LAC/RAC or enter “emergency calls only” mode. It is to be appreciated that this attempt and handling process can occupy significant UE battery, and femto AP capacity and signaling resources as well.

When an attachment attempt is successful, UE 120 is allowed on femto cell 125 and incoming voice and data traffic are paged and routed to the subscriber through the femto AP 130. It is to be noted also that data traffic is typically routed through a backhaul broadband wired network backbone 140 (e.g., optical fiber backbone, twisted-pair line, T1/E1 phone line, DSL, or coaxial cable). To this end, femto AP 130 is connected to the broadband backhaul network backbone 140 via a broadband modem (not shown).

It is to be noted that as a femto AP 130 generally relies on a backhaul network backbone 140 for routing and paging, and for packet communication, substantially any quality of service handles heterogeneous packetized traffic. Namely, packet flows established for wireless devices (like terminals 120 _(A) and 120 _(B)) served by femto AP 130, and for devices served through the backhaul network pipe 140. It is to be noted that to ensure a positive subscriber experience, or perception, it is important for femto AP 130 to maintain a high level of throughput for traffic (e.g., voice and data) utilized on a mobile device for one or more subscribers while in the presence of external, additional packetized, or broadband, traffic associated with applications (web browsing, data transfer (e.g., content upload), and the like) executed in devices within the femto coverage area (e.g., either area 125 or area 145).

FIG. 2 is a block diagram of an example system 200 that facilitates selection of subscribers to access coverage from a femto cell; selection can enable or disable coverage for specific subscriber(s) or subscriber station(s). Means provided by example system 200 to authorize or revoke access to specific subscribers, or subscriber station(s), comprise what is herein termed as a “White List”—an instrument for management of access to femto cell coverage.

In example system 200, an interface component 210 facilitates configuration, or set up, of a list (e.g., white list 220) of wireless mobile station numbers approved for coverage through femto access point 130. It is to be noted that substantially any identification token(s), label(s), or code(s) that identify a subscriber station can be employed. Interface 210 is networked (e.g., via a WAN, LAN, or backhaul pipe) with femto AP 130 and convey white list 220 over network link(s) 225. In an aspect, interface component 210 can be a web-based, online graphic user interface (GUI); however, other networked interfaces that facilitates to enter, or configure, a white list are possible; for instance, voice or sound commanded interface(s), touch commanded interface(s), biometric commanded interfaces(s), and the like. A communication platform 255 facilitates reception of the white list(s) 220 and conveys white list(s) 220 to an access management component 235 that can exploit the white list(s) 220 to manage access to coverage provided by femto AP 130. White list(s) 220 can be stored in the data storage 245 in the femto AP 130; even though white list(s) 220 can be stored in disparate network components like network component administered by a service operator. In addition, interface component 210 can access a subscriber database through network 230, in order to extract identification numbers, codes, tokens, or labels for subscribers/subscriber stations that can be entered in a white list.

In an illustrative, not-limiting aspect of the innovation, white list(s) 220 (or any set of numbers, codes or tokens thereon, that comprise a set of mobile phones approved for coverage by femto AP 130 can be portable through accounts or billing groups associated with a set of subscribers to a service operator that administers femto AP 130, or a macro network. As an illustration, white list(s) 220 can support up to N fields (N a positive integer; e.g., N=50) for unique mobile phone numbers (e.g., MSIDSNs), or any suitable identifying codes or tokens. The number N of fields can be determined, or configured, by a service operator based at least in part on technical aspects (like network resources, quality of service consideration, macro area of coverage (e.g., MSA/RSA), and so on) and commercial aspects (such as promotional considerations, mitigation of customer attrition, gains in market share, etc.) aspects of provision of coverage. As an example, N can be subscriber dependent or femto AP dependent.

In contrast to management of access authorization via femto access point 130, it should be appreciated that configuration of white list(s) 220 (registration authorization for femto coverage) through a network mechanisms (e.g., interface component 210) provides at least the following advantages. It is to be noted that the following advantages are illustrative and not limiting, as other advantages associated with white list(s) 220 are possible and are intended to lay within the scope of the innovation(s) described in the subject specification. (1) Access through an networked interface (online or otherwise) reduces provisioning lead time and provides a means for customers to update and personalize femto AP autonomously (e.g., free of interaction with technical support entities) at substantially any time. (2) Security against devices attempting to hack into the fetmo AP when networked with it, and support of extensible sharing/networking of the authorization scheme. (3) Networked interface (online or otherwise) provides a superior, rich customer experience substantially free of requirement(s) to understand/interpret femto AP programming interface or configuration nomenclature. (4) End user(s) can manage (e.g., remove select covered numbers, or add additional numbers for coverage up to an allotted amount for white list(s) associated with the user. (5) Capacity to determined quality of service, grade of service, or service experience, for specific authorized subscribers. (6) Capacity to check for valid wireless device numbers, codes or tokens (e.g., MSISDNs); subscriber's active numbers, codes or tokens; and numbers, codes or tokens on service accounts in good standing; such capacity can be provided through networked access to a subscriber database 260.

White list(s) 220 facilitates management of access to coverage by a femto AP (e.g., femto AP 130). Various illustrative aspects of innovation based at least in part on a white list concept are discussed next. It is to be noted, notwithstanding, that variations and extensions of such illustrative aspects are possible and are within the scope of the subject innovation.

FIG. 3 is a block diagram of an example system 300 to share access control list(s), or white list(s) 320, among subscribers of a wireless network service in order to provide straightforward access configuration to, and activation of, a femto cell (e.g., femto AP 130) among femto cell subscribers. Subscribers can belong to disparate or same service accounts with either a macro service provider or femto provide, or both. For example, subscribers that share white list(s) can pertain to a group or family associated with a single service account. In example system 300, subscriber A 310 who belongs to account K conveys white list(s) 320 over network 230, via a wired or wireless link 325, to subscriber B 330 who belongs to account J. Subscriber A 310 can hide or eliminate specific subscriber station numbers from white list(s) 320 he/she/it grants to other subscribers. It should be appreciated that the granting of subscriber station numbers, codes or tokens can substantially reduce the amount of time to configure, or set up a white list, as opposed to manually re-entering multiple (e.g., up to 50 numbers, codes or tokens) across multiple femto cells.

A security component 340, or authorization layer, can ensure that unauthorized mobile subscriber numbers, codes or tokens, are not provided when not approved by end users. Such approval can be determined via a privacy policy associated with the end user, or subscriber, which can be stored in a subscriber database 350; the privacy policy can be configured/updated through various means like web-based interfaces, call center, text-message center, and so on. Security component 340 ensure privacy integrity when white list(s) 320 are shared among subscribers of different accounts (e.g., J≠K). In an illustrative aspect, security component 340 can solicit subscribers outside a “white-list share” originating account to grant the authority for their subscriber station identifier number, code or token to be shared through white list(s). To the latter end, security component 340 can resort to various mechanisms that include, but are not limited to including, a short message service (SMS) communication, a multimedia message service (MMS) communication, email, voice mail, web pop up, and so on. Alternatively, or in addition, security component 340 can mitigate security mechanism(s) complexity through validation via subscriber account information (e.g., stored in subscriber database 350) in order to grant automatic access to white list(s) within groups or families underneath a single service account, without additional security verification.

FIG. 4 is a block diagram of an example system 400 that manages access control lists, or white lists. White list management component 410 accesses a subscriber database 420 which can be maintained by a service operator for femto and macro cells, and a data storage 430 that retains a set of white lists 440 associated with serviced subscribers, to associate white-listed subscribers across disparate access control lists. Such association can lead to genesis of white-lists trees. In an aspect, white list management component can implement mechanisms to mitigate exponential data growth and efficient storage of white-list trees like data-compression (e.g., wavelet, efficient tree representation, and so on), distributed data warehouses, and so forth. In another aspect, white list management component can deploy a white-list tree in accordance to the following illustrative, non-limiting scenario. (i) User 1 adds User 2 to his/her white list. (ii) User 2 adds User 3 to his/her white list. (iii) User 1 and User 3 can be associated through white lists. (iv) User 1 and User 3 can match User 4 extant on each other's white lists. (v) User 1 and User 3 can associate User 5 that is on User 4's white list. White list management component 410 effects associations and manages generated white-list tree(s). It should be appreciated that substantially any association, hierarchical or non-hierarchical, or deployment of white lists can be implemented by white list management component 410 through information stored in subscriber database 420 and data storage 430.

An illustrative, non-limiting, advantage of structured, hierarchical generation of white lists to subscribers (e.g., subscriber A 310) is that more subscribers can have access femto cells to gain coverage enhancement, or have access to added value through unlimited usage on any femto cell or unique services available via a set of femto cells.

In addition, example system 400 can track subscriber station identifier numbers (e.g., MSISDNs), codes or tokens, associated with white list(s) on record with a femto service provider. White list management component 410 can validate white list(s) 440, stored in data storage 430, against current accounts and associated subscriber station identifier numbers (e.g., MSISDNs), codes, or tokens, for a service provider. In particular, when a subscriber, or end user, cancels an account with service provider, white list(s) 440 can be updated according to information retrieved from subscriber database 420, or substantially any other database available to a service provider that contains information on service subscribers. In addition, when an end user changes their mobile or subscriber station number, code or token, (e.g., after relocation to a new area code, or the like) substantially all white list(s) 440 that the mobile or subscriber station number, code or token is associated with can automatically be updated by white list management component 410.

An illustrative advantage of such automatic update of white list(s) 440 is ease of use for end users to maintain current white list(s) 440 without a need to keep track of each subscriber station number, code or token associated with the white list(s) 440. In addition, updated white list(s) 440 maintains the value proposition of the femto cells for end users and service operator by a seamless move of traffic off of the macro network (e.g., a WAN) to femto network(s).

FIG. 5 is a block diagram of an example system 500 that facilitates addition of subscriber(s)/subscriber station(s) to one or more white lists. In example system 500, a network management component 510 includes a white list management component 410 which is coupled to a subscriber database 525, a data storage 535 and a communication platform 515. The white list management component 410 can data-mine subscriber database 525 and white list(s) 545, which resides in data storage 535, to drive addition of new subscribers to a white list to request reciprocal adding. In an aspect, once a subscriber 560 in account K is identified for reciprocal addition at a time the subscriber 560 configures his/her femto AP, a white list (WL) configuration request 555 is conveyed (e.g., via a wired or wireless link through communication platform 515) to the subscriber. Such configuration request indicates that a disparate subscriber has subscriber 560 white-listed and prompts subscriber 560 to include in his/her white list the disparate subscriber. An illustrative scenario is the following: User 1 adds User 2 to his/her white list. Once User 2 configures/activates his/her femto cell, a setup process (implemented, for example, through a web-based online GUI) will prompt User 2 to add User 1. It is to be noted that white list management component 410 can exploit information in subscriber database 525 and data storage 535 to inform User 2 of substantially all subscriber station numbers, codes or tokens that he/she can add automatically on a reciprocity basis; namely, User 2 can be prompted to add in white list(s) those subscribers that have previously added him/her to their with list(s). White list configuration request 555 can be effected through various interfaces like an online GUI, a real time prompt/alert delivered via SMS, MMS, email, instant message, and so forth.

FIG. 6 is a block diagram of an example system that manages a defined logic of how content(s) (e.g., MSISDNs) in access control list(s), or white list(s) is maintained on a white list database. Access management component 235, which can comprise a white list management component 610, can develop white list profile(s) 620 that applies logic and parameters that control, or manage, content in white list(s) 630 such as subscriber station numbers (e.g., MSISDNs), codes or tokens. White list profile(s) 620 and white list(s) 630 can be stored in data storage 615; it should be appreciated that while data storage 245 is illustrated to reside within femto access point 130, such storage can reside in a network management component (e.g., component 510).

In an aspect, white list profile parameters that control utilization logic of white list(s) content include, without being limited to including: (i) temporary access, e.g., full access for a specific time interval such as days or hours; (ii) access only within a window of time in a day (voice and data allowed from 9:00 a-6:00 p, or voice allowed after 9:00 p which can facilitate billing schemes already established by an operator/service provider); and (iii) access to specific applications such as scheduler, calendar(s), news streaming, authoring tools, gaming, video and music, etc.

In another aspect, logic within white list profile(s) can implement parameters to determine how long access to femto coverage is granted. For instance, when a timer associated with temporary access expires, a query 645 can be conveyed (e.g., through a wired or wireless link 635) to either a subscriber that operates a device associated with the managed MSISDN in order to request renewed access, or to a subscriber that operates femto access point 130. The message request, e.g., query 645, can ask the owner if an extension should be granted or not. When a request is not granted by a subscriber that operates femto AP 130 or there is no reply, e.g., acknowledgement 645, from the subscriber, access to femto coverage expires and the MSISDN (or substantially any identifier code or token) is deleted from a corresponding white list(s) within data storage 245. Conversely, a positive response, e.g., acknowledgement 645, can allow access to continue based on either parameters extant in white list profile(s) or newly defined parameters. It is to be noted that query 645 can be conveyed via an online GUI, an email message, a SMS message, MMS message, a voice mail, a web prompt, and the like.

FIG. 7 is a block diagram of an example system 700 that initializes access control list(s), or white list(s), to femto coverage with available subscriber station identifier numbers, codes or tokens available on a service account. In example system 700, a subscriber 710 who utilizes device(s) 715, can provision femto AP 130 and associate the device(s) 715 with a service account via a networked interface component 210 (e.g., an online account management system) which can look up into substantially all subscriber station(s) identifier numbers (e.g., MSISDNs), codes or tokens associated with the service account, and automatically populates white list(s) 220 with the extracted subscriber station(s) numbers, codes or tokens. Subscriber 710, via interface component 210, can remove or add subscriber station(s) numbers (e.g., MSISDNs), codes or tokens extant in a pre-populated white list(s) 220; additional edits can be performed as well, based at least in part on the complexity of white list(s) 220. In an aspect, to pre-set white list(s) 220, networked interface component 210 access information stored in subscriber database 260 through network 230 which can include information technology systems of a service provider. White list(s) 220 is conveyed through network 230 to femto access point 130; a communication platform receives white list(s) 220 and access management component 235 stores the white list(s) 220 in data storage 245.

An illustrative advantages provided by example system 700 are (a) reduced fetmo cell provisioning lead time, and (b) immediate utilization of a femto cell with mobile numbers that belong to a same service account, whether subscribers of such numbers subscribe to the femto cell or a feature application, or code, that delivers a femto cell service.

FIG. 8 is a block diagram of an example system 800 that facilitates addition of wireless, mobile devices on an ad hoc basis. In example system 800, device(s) 810 can convey a request or query 815 to access coverage of femto AP 130. Such a request can be received by communication platform 255, and access management component 235 can be set up to allow or reject the request; allowance of rejection of a request can be based on various metrics, such as security, type of device, profile of subscriber that operated the device that requests access, and so on. Upon allowance of a request, access management component 235 can query for available slots to be filled in white list(s) 220 associated with accounts served by femto AP 130, when space is available for a subscriber station identifier number (e.g., MSISDN), code or token, the query can further probe whether access is allowed on a permanent, or temporary basis (e.g., to reduce risk exposure to security problems). Characteristics of fetmo coverage allowance can be set or pre-set through access management component 225. Subsequent to allowance and examination of information related to relevant white list(s) 220, access management component 235 updates white list(s) 220, stored in data storage 245, to reflect the approved request for femto coverage. It is to be noted that access and update of collected subscriber identifier numbers (e.g., MSISDN), codes or token, can also be effected through network-based white list database(s). It is to be noted that query 815 can be conveyed via an online GUI, an email message, a SMS message, MMS message, a voice mail, a web prompt, USSD (or * and # codes), and the like.

An illustrative, non-limiting advantage of example system 800 is that it provides an enhanced end user experience with a direct, clear mechanism and thus encourages use of the femto access point 130, and avoids time spent on edition of white list(s) through a networked interface (interface component 210) like an online interface which takes time for the end user to have access to the Internet, and to log on in a secured interface.

It should be appreciated that substantially any wireless device within coverage area of femto AP 130 (e.g., are 125) can request access without intervention by a subscriber that operates femto AP 130, and who has previously entered a set of subscriber station numbers (e.g., MSISDNs), codes or tokens, via a networked interface (e.g., interface component 210). Alternatively, or in addition, a request for access can be prompted by a device utilized by a subscriber that operates the femto AP. Further a request for access can be effected by the femto AP, through an access management component like component 225, for example. Once a request is granted, a secure tunnel can be established from the device/client through the femto cell's IP connection or the default of the Radio Access Network if the IP connection is not available. Secure layers including utilizing the femto cell's VPN and/or USSD would ensure that the transaction is in fact secure. As a non-limiting example, a temporary visitor or employee (e.g., a babysitter) who is coming over to a location served by a femto access point (e.g., femto AP 130) for a limited period of time, can be provided with coverage via the femto AP by a subscriber that operates the femto cell so the employee can perform, at least in part, his work activities (e.g., provide updates on behavior of children) through utilization of the femto access point. In case the subscriber fails to know identifier numbers, codes or tokens for devices the employee can utilize, and the subscriber is not interested to go through the process of requesting and entering the numbers, codes or tokens via a networked interface to allow coverage for the limited period of time the employee performs work, the employee (e.g., babysitter) can convey a request (e.g., query 815) invention allows the baby sitter to request femto access directly from the employee's device when in range of the femto access point.

FIG. 9 is a block diagram of an example system that tracks subscriber station identifier numbers (e.g., MSISDNs), codes or tokens, associated with white list(s) on record with a femto service provider in accordance with aspects of the disclosed subject matter. In accordance with this aspect, device(s) 810 can convey a number change update request 915 to AP 130. Upon receiving such a request at the communication platform 255, the white lists 220 can be updated accordingly. The white lists can also be updated to reflect any changes that users may make to their services providers such as changing a service provider or canceling service etc. Hence, when an end user changes their mobile number (e.g. moving to a new area code, etc.) all white lists 220 that the mobile number is associated with will automatically be updated upon receiving the request. Therefore, it enables the communication system 900 to keep track of MSISDNs associated with the white lists 220 on record and validates the white lists against current user accounts and MSISDNs associated therewith. This provides ease of use to a user associated with administering the femto cell as it aids in maintaining current white lists without having to keep track of each mobile number associated with the white list. Additionally, it maintains value proposition of the femtocells for end users and a cellular operator by continuing to move traffic off of the WAN to the femtocell in a seamless fashion.

In view of the example systems described above, example methodologies that can be implemented in accordance with the disclosed subject matter can be better appreciated with reference to flowchart in FIG. 10. For purposes of simplicity of explanation example method 200 is presented and described as a series of acts; however, it is to be understood and appreciated that the claimed subject matter is not limited by the order of acts, as some acts may occur in different orders and/or concurrently with other acts from that shown and described herein. For example, those skilled in the art will understand and appreciate that a methodology could alternatively be represented as a series of interrelated states or events, such as in a state diagram, or interaction diagram. Moreover, not all illustrated acts may be required to implement a methodology in accordance with the subject specification. Additionally, it should be further appreciated that the methodologies disclosed hereinafter and throughout this specification are capable of being stored on an article of manufacture to facilitate transporting and transferring such methodologies to computers for execution by a processor or for storage in a memory.

FIG. 10 presents a flowchart of an example method 1000 for managing access of subscribers and subscriber stations to femto cell coverage. At act 1010 an access control list, or white list, for a femto cell is configured. In an aspect, configuration can be performed via a networked interface, interactively or automatically based at least in part on operation conditions of the femto cell; e.g., initial provisioning, capturing of wireless devices, responding to request for access, updating extant access control lists, and so forth. At act 1020, access to femto cell coverage is granted according to the configured access control list. In another aspect, the configured access control list can possess an associated profile that control logic for utilization of the access control list, via a set of parameters that determine conditions of access, type of access, etc. Additional aspects of example method 1000 can be enacted through example methodologies presented in flowcharts detailed infra.

FIG. 11 is a schematic diagram of an interface component that can be used to mange one or more white lists associated with a femto cell. In accordance with an aspect, within an object oriented environment, an interface can contain methods (both class and instance), static fields, properties and events in order to execute the functionality associated there with. The interface component 210 can comprise a user profile component 1110 and an intelligent component 1120. The user profile component 1110 is configured to store profiles of users who operate or administer the femto cell associated there with. Each of the users can be associated with a different status thereby causing a differentiation in their respective administrative rights/responsibilities. Thus, the user profile component 1110 comprised in the interface component 210 can aid in providing an appropriate interface based at least on a user's profile. For example, a GUI presented to a user logged in as a primary administrator can be different compared to an interface presented to a secondary user with limited administrative rights to the femto cell. In a further aspect, the secondary user can be permitted to grant only temporary access to a requesting UE and hence an abbreviated interface can be presented to such a secondary user as compared to a richer interface presented to the primary administrator.

As described supra, various kinds of interfaces such as a web-based GUI or an interface responsive to touch screen or voice commands can be presented. This can be based on an input from the user profile component 1110 or the intelligent component 1120. For example, if the user profile component 1110 indicates that the user is a new user or if the intelligent component indicates a task such as addition or deletion of a number from the white lists 220 then the interface can be a wizard type interface that guides the user through a specific task via a question/answer session. The intelligent component 1120 can also aid in presenting an interface appropriate for a given device. Various aspects can be considered while selecting a device on which the interface can be presented. For example, if the user requests the interface by logging into the user account, then the device from which the user has logged in can be sensed by the intelligent component and an appropriate interface can be presented. If the user is logging in from a mobile device such as a cell phone/PDA (personal digital assistant) etc. then a simple interface with minimum graphics can be provided. If it is sensed that the user is logging in from a laptop computer, then a more complex interface can be presented.

As mentioned supra, when a subscriber station, e.g., a UE leaves macro coverage and enters femto coverage, it attempts to attach to the femto AP through transmission and reception of attachment signaling, effected via a FL/RL. In accordance with an aspect, it can be verified if the UE attempting to access the femto cell resources is included in the associated white list. If yes, then the UE is granted femto coverage else, the intelligent component 1120 can automatically present a simple/abbreviated interface to the user providing the user with an option to grant or deny the UE access to the femto cell resources. In a further aspect, the intelligent component 1120 can be configured to automatically present an appropriate interface at a device that is either specified by the user or a device that is inferred as being at the focus of the user's attention. For example, if the default device configured by a user to receive notifications associated with the white list management is powered off, then the intelligent component 1120 can select and present an appropriate interface at an alternate device that it infers as being at the focus of the user's attention. If there are multiple devices that are likely to have the user's attention, then a confidence threshold can be employed to select a device that is most likely to be at the focus of the user's attention. Additionally, the access rights granted to the UE can vary based on the kind of interface from which its access to the femto resource has been approved. The intelligent component 1120 can be configured to communicate with the access management component 235 in order to determine the kind of access that can be granted to a requesting UE.

In accordance with an aspect illustrated in FIG. 12, a GUI 1200 can be employed by users to configure the femto AP and manage various aspects associated with the femto cell access. In particular the interface 1200 can be presented to a user when the femto access point is initially plugged into the system. Upon start up of the system, the initial welcome screen 1200 of a configuration wizard is presented that will guide the user through the set up and configuration of the femto access point. Further screens (not shown) can allow the user to input system parameters and generate initial white lists by allowing the user to add subscriber station numbers (e.g., MSISDNs). However, further addition, deletion and/or editing of white list contents through other interfaces is possible as detailed infra.

FIG. 13 shows a web based GUI 1300 that can be employed by the user to edit contents of a white list upon installation of the femto access point. A user can log in to an online account to control the femto cell access. A screen 1310 can be presented to the user upon logging into the online account. It can comprise a list of IDs 1320 that currently have access to femto cell resources. It should be noted that the format is shown as a means of illustration and not limitation. Various other formats can be employed to show the users/UEs that have access to the femto cell resources. For example, user names associated with the MSISDNs or other tokens can be used in the list. In another aspect, the list can show all IDs associated with UEs that not only have current access but previously had access to the femto resources. Selection of a specific ID from the list can show the access details associated with the ID. For example, the access details gathered from the associated white list profiles can include if the selected ID currently has access to the femto cell resources, or if the particular ID previously had access, details such as the time, date and/or the period of access can be shown.

A group of options 1330 allow a user to manipulate contents of the white list 1320. By the way of illustration and not limitation, the options can include an option to add IDs to the list, an option to delete IDs from the list and an option to edit existing IDs in the list. Upon selection of an option by a user, further dialog can be conducted with the user to continue with the selected task. For example, if the user chooses to add numbers to the white list 1320, a pop up window 1340 can be presented to collect the details of the ID to be added to the white list 1320. In another aspect, an ID selected from the list 1320 can be displayed in the box 1350 to facilitate editing the selected ID. However, as discussed supra, various alternate devices can be used to present the interface that facilitates editing a white list.

FIG. 14A and FIG. 14B illustrate an aspect wherein the interface is presented on different devices. In FIG. 14A, the interface 1410 is presented in the television 1400. Accordingly, it can be a simple or an abbreviated interface in accordance with users' convenience. Presenting more abbreviated interfaces on secondary devices mitigates the need for the user to spend time and attention to the task of allowing/denying access rights to a requesting UE thereby allowing them to continue with whatever task they may be currently engaged in. Accordingly, an ID associated with a UE attempting to access the femto resources is used to request permission for the same. Thus, a remote control associated with the television set can be operable to select one of the YES/NO option buttons thereby granting/denying access thereby quickly concluding the task of editing the white list. As mentioned supra, in accordance with this aspect, the kind of permission granted to the UE can vary based on a type of device/interface granting the access. If a simple interface is granting access, then a temporary access can be granted wherein a timer can be associated with the temporary permission granted to the UE. A further query can be directed to the user upon expiration of the time period associated with the access in order to extend the access period.

Similarly FIG. 14B illustrates an aspect wherein the interface 1420 is presented on a user's cellular telephone 1430. It can be appreciated that although the figures illustrate a television and a cellular phone only, the user interfaces can be presented on one or more other devices such as a, a PDA and/or a laptop computer etc.

FIG. 15 shows a methodology of providing white list management interface to a user in accordance with an aspect. The method 1500 begins at 1510 with a UE requesting access to femto cell resources. The method proceeds to 1520 wherein it is verified if a specified default device is ready to provide the request notification/message to the user. If yes, then a message specifying the ID of the requesting UE is provided to the user with options to grant or deny access as shown at 1530. If at 1520, it is determined that the default device is not ready to provide messages to the user, the method then proceeds to 1540 wherein one or more secondary devices are selected for providing notifications. For example, if the default device is not powered on then it will not be ready to provide resource request messages to the user. Accordingly, an interface appropriate for the selected secondary device can be provided at the one or more other devices as shown at 1550. The selection of the other devices can be based on one or more of user choices and/or confidence thresholds associated with such alternate devices. The confidence thresholds for selecting other devices can be estimated based on one or more of a time of the day, status of the devices, user options etc.

FIG. 16 relates to another aspect wherein the access rights granted to a UE can depend on the kind of interface that is used to grant the rights. The method 1600 of granting access rights can begin at 1610 wherein it is verified if the UE has been granted access rights from an online account. If yes, then the access rights as specified can be granted to the UE as shown at 1620. As detailed supra, various kinds of access can be provided to a UE. For example the UE can be granted permanent access rights by including the UE into the white list. In accordance with other aspects, the access rights of a UE can be associated with a timer such that when the specified time period expires the UE access to the femto cell resources also expire unless explicitly extended by a user. If it is determined at 1610 that the access rights were not granted from an online account, it is determined at 1630 that the UE was granted access from a simpler interface. Accordingly, the UE can be granted temporary access rights as shown at 1640. Hence, a timer can be associated with the access rights granted to the UE as shown at 1650. In a further aspect, the timer can have a default time period associated there with for granting access rights. Such a default time period can be set by the user, for example, during the initial configuration of the femto access point. At 1660, it is verified if the timer has expired. If the timer is not yet expired, the UE continues to have the temporary access rights as how at 1670 unless explicitly changed by the user, for example, from the online account. If it is determined at 1660 that the timer has expired, a message is sent to the user requesting further user action regarding extension of the UE access rights as shown at 1680. At 1690 it is determined if the user extended the access rights. If yes, the method returns to 1610 wherein the access rights are granted based at least on the type of interface granting the rights else the access rights are revoked as show at 1692.

To provide further context for various aspects of the subject specification, FIG. 17 is intended delineate a suitable wireless communication environment, and associated components, for operation of a femto cell (e.g., femto cell 125) in accordance with various aspects of the specification. In addition, FIG. 17 illustrates a block diagram of an example embodiment 1700 of a femto access point that can enable and exploit and manage femto coverage via access control list(s), or white list(s), in accordance with aspects described herein. Those skilled in the art will recognize that the specification also be implemented through program modules stored in a memory and executed by a processor, and/or other combination of hardware and software.

With respect to FIG. 17, in embodiment 1700, femto AP 1710 can receive and transmit signal(s) from and to wireless devices like macro and femto access points, access terminals, wireless ports and routers, and the like, through a set of antennas 1769 ₁-1769 _(N). It should be appreciated that while antennas 1769 ₁-1769 _(N) are a part of communication platform 255, which comprises electronic components and associated circuitry that provides for processing and manipulation of received signal(s) and signal(s) to be transmitted. In an aspect, communication platform 255 includes a receiver/transmitter 1766 that can convert signal from analog to digital upon reception, and from digital to analog upon transmission. In addition, receiver/transmitter 1766 can divide a single data stream into multiple, parallel data streams, or perform the reciprocal operation. Coupled to receiver/transmitter 1766 is a multiplexer/demultiplexer 1767 that facilitates manipulation of signal in time and frequency space. Electronic component 1767 can multiplex information (data/traffic and control/signaling) according to various multiplexing schemes such as time division multiplexing (TDM), frequency division multiplexing (FDM), orthogonal frequency division multiplexing (OFDM), code division multiplexing (CDM), space division multiplexing (SDM). In addition, mux/demux component 1767 can scramble and spread information (e.g., codes) according to substantially any code known in the art; e.g., Hadamard-Walsh codes, Baker codes, Kasami codes, polyphase codes, and so on. A modulator/demodulator 1768 is also a part of operational group 1725, and can modulate information according to multiple modulation techniques, such as frequency modulation, amplitude modulation (e.g., M-ary quadrature amplitude modulation (QAM), with M a positive integer), phase-shift keying (PSK), and the like.

Femto access point 1710 also includes a processor 1735 configured to confer functionality, at least partially, to substantially any electronic component in the femto access point 1710. In particular, processor 1735 can facilitate access management component 235 to supply fixed differentiated QoS in accordance to aspects disclosed herein. In addition, processor 1735 can facilitate operations on data (e.g., symbols, bits, or chips) for multiplexing/demultiplexing, such as effecting direct and inverse fast Fourier transforms, selection of modulation rates, selection of data packet formats, inter-packet times, etc. A memory 1755 can store data structures, code instructions, system or device information like policies and specifications, code sequences for scrambling, spreading and pilot transmission, floor plan configuration, access point deployment and frequency plans, scheduling policies, and so on.

In embodiment 1700, processor 1734 is coupled to the memory 1755 in order to store and retrieve information necessary to operate and/or confer functionality to communication platform 255, access management component 235, and other operational aspects of femto access point 1710.

With respect to FIG. 18, wireless communication environment 1800 includes two wireless network platforms: (i) A macro network platform 1810 which serves, or facilitates communication with user equipment 1875 (e.g., mobile 120 _(A)) via a macro radio access network (RAN) 1870. It should be appreciated that in cellular wireless technologies (e.g., 3GPP UMTS, HSPA, 3GPP LTE, 3GPP2 UMB), macro network platform 1810 is embodied in a Core Network. (ii) A femto network platform 1880, which can provide communication with UE 1875 through a femto RAN 1890, which is linked to the femto network platform 1880 via backhaul pipe(s) 1885 (e.g., backhaul link(s) 140). It should be appreciated that macro network platform 1810 typically hands off UE 1875 to femto network platform 1810 once UE 1875 attaches (e.g., through macro-to-femto handover) to femto RAN 1890, which includes a set of deployed femto APs (e.g., femto AP 130) that can operate in accordance with aspects described herein.

It is noted that RAN includes base station(s), or access point(s), and its associated electronic circuitry and deployment site(s), in addition to a wireless radio link operated in accordance with the base station(s). Accordingly, macro RAN 1870 can comprise various coverage cells like cell 105, while femto RAN 1890 can comprise multiple femto cell access points such as femto AP 130. Deployment density in femto RAN 1890 is substantially higher than in macro RAN 1870.

Generally, both macro and femto network platforms 1810 and 1880 include components, e.g., nodes, gateways, interfaces, servers, or platforms, that facilitate both packet-switched (PS) (e.g., internet protocol (IP), frame relay, asynchronous transfer mode (ATM)) and circuit-switched (CS) traffic (e.g., voice and data) and control generation for networked wireless communication. In an aspect of the subject innovation, macro network platform 1810 includes CS gateway node(s) 1812 which can interface CS traffic received from legacy networks like telephony network(s) 1840 (e.g., public switched telephone network (PSTN), or public land mobile network (PLMN)) or a SS7 network 1860. Circuit switched gateway 1812 can authorize and authenticate traffic (e.g., voice) arising from such networks. Additionally, CS gateway 1812 can access mobility, or roaming, data generated through SS7 network 1860; for instance, mobility data stored in a VLR, which can reside in memory 1830. Moreover, CS gateway node(s) 1812 interfaces CS-based traffic and signaling and gateway node(s) 1818. As an example, in a 3GPP UMTS network, PS gateway node(s) 1818 can be embodied in gateway GPRS support node(s) (GGSN).

In addition to receiving and processing CS-switched traffic and signaling, PS gateway node(s) 1818 can authorize and authenticate PS-based data sessions with served (e.g., through macro RAN) wireless devices. Data sessions can include traffic exchange with networks external to the macro network platform 1810, like wide area network(s) (WANs) 1850, enterprise networks (NW(s)) 1870 (e.g., enhanced 911), or service NW(s) 1880 like IP multimedia subsystem (IMS); it should be appreciated that local area network(s) (LANs), which may be a part of enterprise NW(s), can also be interfaced with macro network platform 1810 through PS gateway node(s) 1818. Packet-switched gateway node(s) 18 generates packet data contexts when a data session is established. To that end, in an aspect, PS gateway node(s) 1818 can include a tunnel interface (e.g., tunnel termination gateway (TTG) in 3GPP UMTS network(s); not shown) which can facilitate packetized communication with disparate wireless network(s), such as Wi-Fi networks. It should be further appreciated that the packetized communication can include multiple flows that can be generated through server(s) 1814. It is to be noted that in 3GPP UMTS network(s), PS gateway node(s) 1818 (e.g., GGSN) and tunnel interface (e.g., TTG) comprise a packet data gateway (PDG).

Macro network platform 1810 also includes serving node(s) 1816 that convey the various packetized flows of information, or data streams, received through PS gateway node(s) 1818. As an example, in a 3GPP UMTS network, serving node(s) can be embodied in serving GPRS support node(s) (SGSN).

As indicated above, server(s) 1814 in macro network platform 1810 can execute numerous applications (e.g., location services, online gaming, wireless banking, wireless device management . . . ) that generate multiple disparate packetized data streams or flows, and manage (e.g., schedule, queue, format . . . ) such flows. Such application(s), for example can include add-on features to standard services provided by macro network platform 1810. Data streams can be conveyed to PS gateway node(s) 1818 for authorization/authentication and initiation of a data session, and to serving node(s) 1816 for communication thereafter. Server(s) 1814 can also effect security (e.g., implement one or more firewalls) of macro network platform 1810 to ensure network's operation and data integrity in addition to authorization and authentication procedures that CS gateway node(s) 1812 and PS gateway node(s) 1818 can enact. Moreover, server(s) 1814 can provision services from external network(s), e.g., WAN 1850, or Global Positioning System (GPS) network(s), which can be a part of enterprise NW(s) 1880. It is to be noted that server(s) 1814 can include one or more processor configured to confer at least in part the functionality of macro network platform 1810. To that end, the one or more processor can execute code instructions stored in memory 1830, for example.

In example wireless environment 1800, memory 1830 stores information related to operation of macro network platform 1810. Information can include business data associated with subscribers; market plans and strategies, e.g., promotional campaigns, business partnerships; operational data for mobile devices served through macro network platform; service and privacy policies; end-user service logs for law enforcement; and so forth. Memory 1830 can also store information from at least one of telephony network(s) 1840, WAN 1850, SS7 network 1860, enterprise NW(s) 1870, or service NW(s) 1880.

Regarding femto network platform 1880, it includes a femto gateway node(s) 1884, which have substantially the same functionality as PS gateway node(s) 1818. Additionally, femto gateway node(s) 1884 can also include substantially all functionality of serving node(s) 1816. Disparate gateway node(s) 1884 can control or operate disparate sets of deployed femto APs, which can be a part of femto RAN 1890. In an aspect of the subject innovation, femto gateway node(s) 1884 can aggregate operational data received from deployed femto APs. Moreover, femto gateway node(s) 1884, can convey received attachment signaling to attachment component 1820. It should be appreciated that while attachment component is illustrated as external to gateway node(s) 1884, attachment component 1820 can be an integral part of gateway node(s) 1884. Various interface components detailed supra in accordance with various aspects can be used to interact with the aforementioned nodes.

Attachment component 1820 can facilitate macro-to-femto and femto-to-macro handover with attachment to a femto AP (e.g., femto AP 130) dictated in accordance to a white list (e.g., white list(s) 220) and/or a white list profile (e.g., white list profile(s) 222). In an aspect, attachment component 1820 can include a determination of whether a white list resides within femto AP and whether a mobile station that is attempting attachment is whitelisted as described in the subject innovation. It is noted, in an aspect, that when a whitelisted mobile station is allowed to attach to the femto AP, attachment component 1820 can establish femto service in accordance with privileges, or access logic, configured in a white list profile (e.g., white list profile(s) 222).

Memory 1886 can retain additional information relevant to operation of the various components of femto network platform 1880. For example operational information that can be stored in memory 1886 can comprise, but is not limited to, subscriber intelligence; contracted services; maintenance and service records; femto cell configuration (e.g., devices served through femto RAN 1890; authorized subscribers associated with one or more deployed femto APs); service policies and specifications; privacy policies; add-on features; so forth.

Server(s) 1882 have substantially the same functionality as described in connection with server(s) 1814. In an aspect, server(s) 1882 can execute multiple application(s) that provide service (e.g., voice and data) to wireless devices served through femto RAN 1890. Server(s) 1882 can also provide security features to femto network platform. In addition, server(s) 1882 can manage (e.g., schedule, queue, format . . . ) substantially all packetized flows (e.g., IP-based, frame relay-based, ATM-based) it generates in addition to data received from macro network platform 1810. Furthermore, server(s) 1882 can effect provisioning of femto cell service, and effect operations and maintenance. It is to be noted that server(s) 1882 can embody provisioning server 345, and can populate white list(s) and white list profile(s) in accordance with aspects described herein. It is to be noted that server(s) 1882 can include one or more processors configured to provide at least in part the functionality of femto network platform 1880. To that end, the one or more processors can execute code instructions stored in memory 1886, for example.

As it employed in the subject specification, the term “processor” can refer to substantially any computing processing unit or device comprising, but not limited to comprising, single-core processors; single-processors with software multithread execution capability; multi-core processors; multi-core processors with software multithread execution capability; multi-core processors with hardware multithread technology; parallel platforms; and parallel platforms with distributed shared memory. Additionally, a processor can refer to an integrated circuit, an application specific integrated circuit (ASIC), a digital signal processor (DSP), a field programmable gate array (FPGA), a programmable logic controller (PLC), a complex programmable logic device (CPLD), a discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. Processors can exploit nano-scale architectures such as, but not limited to, molecular and quantum-dot based transistors, switches and gates, in order to optimize space usage or enhance performance of user equipment. A processor may also be implemented as a combination of computing processing units.

In the subject specification, terms such as “data store,” data storage,” “database,” and substantially any other information storage component relevant to operation and functionality of a component, refer to “memory components,” or entities embodied in a “memory” or components comprising the memory. For example, information relevant to operation of various components described in the disclosed subject matter, and that can be stored in a memory, can comprise, but is not limited to comprising, subscriber information; femto cell configuration (e.g., devices served by a femto AP; access control lists, or white lists) or service policies and specifications; privacy policies; and so forth. It will be appreciated that the memory components described herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of illustration, and not limitation, nonvolatile memory can include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM), or flash memory. Volatile memory can include random access memory (RAM), which acts as external cache memory. By way of illustration and not limitation, RAM is available in many forms such as synchronous RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and direct Rambus RAM (DRRAM). Additionally, the disclosed memory components of systems or methods herein are intended to comprise, without being limited to comprising, these and any other suitable types of memory.

Various aspects or features described herein may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques. Implementation(s) that include software or firmware can be implemented at least in part through program modules stored in a memory and executed by a processor. The term “article of manufacture” as used herein is intended to encompass a computer program accessible from any computer-readable device, carrier, or media. For example, computer readable media can include but are not limited to magnetic storage devices (e.g., hard disk, floppy disk, magnetic strips . . . ), optical disks (e.g., compact disk (CD), digital versatile disk (DVD) . . . ), smart cards, and flash memory devices (e.g., card, stick, key drive . . . ).

What has been described above includes examples of systems and methods that provide advantages of the subject innovation. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the claimed subject matter, but one of ordinary skill in the art may recognize that many further combinations and permutations of the claimed subject matter are possible. Furthermore, to the extent that the terms “includes,” “has,” “possesses,” and the like are used in the detailed description, claims, appendices and drawings such terms are intended to be inclusive in a manner similar to the term “comprising” as “comprising” is interpreted when employed as a transitional word in a claim. 

What is claimed is:
 1. A system, comprising: a memory to store instructions; and a processor, coupled to the memory, that facilitates execution of the instructions to perform operations, comprising: determining association data indicative of an association between access control data structures associated with respective femto access point devices, wherein the access control data structures comprise identifier data associated with user equipments that are authorized to access the respective femto access point devices, and facilitating storage of the access control data structures based on the association data, wherein the facilitating comprises compressing the identifier data based on the association data.
 2. The system of claim 1, wherein the facilitating comprises determining a hierarchical representation of the access control data structures based on the association data.
 3. The system of claim 1, wherein the operations further comprise: updating the identifier data based on update data received from a subscriber data store via a macro network.
 4. The system of claim 3, wherein the updating comprises updating the identifier data in response to determining a change has occurred in token data associated with a user equipment of the user equipments.
 5. The system of claim 1, wherein an access control data structure of the access control data structures comprises timing data associated with a user equipment of the user equipments, wherein the timing data is employed to deny access to the femto cell coverage by the user equipment in response to a determination that a specified time period has expired.
 6. The system of claim 1, wherein the operations further comprise: receiving, from a communication device, a request to access an access control data structure of the access control data structures, determining administrative rights data associated with the communication device, and based on the administrative rights data, determining display data associated with the access control data structure.
 7. The system of claim 6, wherein the operations further comprise: facilitating a presentation of the display data on the communication device.
 8. The system of claim 1, wherein the determining the association data comprises determining that a first access control data structure of the access control data structures is associated with a second access control data structure of the access control data structures in response to a determination that first identifier data of a first user equipment associated with a third access control data structure of the access control data structures has been added to the first access control data structure, and a determination that second identifier data of a second user equipment associated with second access control data structure has been added to the third access control data structure.
 9. A method, comprising: determining, by a system comprising a processor, association data indicative of an association between a first access control data structure and a second access control data structure, wherein the first access control data structure is employed to control access to a first femto access point device and the second access control data structure is employed to control access to a second femto access point device; determining, by the system, a compressed access control data structure based on compressing the first access control data structure and the second access control data structure in accordance with the association data; and facilitating, by the system, storage of the compressed access control data structure.
 10. The method of claim 9, further comprising: sharing, by the system, the first access control data structure with a third femto access point device, wherein the sharing comprises facilitating utilization of the first access control data structure to control access to the third femto access point device.
 11. The method of claim 9, further comprising: updating, by the system, the first access control data structure based on information received from a subscriber data store accessible via a macro network.
 12. The method of claim 11, wherein the updating comprises updating the first access control data structure in response to determining that identifier data associated with a user equipment authorized to access the first femto access point device has changed.
 13. The method of claim 9, wherein the determining the compressed access control data structure comprises determining, based on the association data, a hierarchical representation of the first access control data structure and the second access control data structure.
 14. The method of claim 9, further comprising: facilitating, by the system, a presentation of an abbreviated interface for editing the first access control data structure.
 15. The method of claim 14, wherein the facilitating the presentation comprises facilitating the presentation via a device utilized for receiving a femto cell management notification.
 16. The method of claim 14, further comprising: receiving, by the system, input data indicative of a device via the abbreviated interface; and granting, by the system, temporary access of a femto resource associated with the first femto access point to the device based on the input data.
 17. The method of claim 16, further comprising: prohibiting, by the system, access of the femto resource by the device in response to determining that a time period associated with the temporary access has expired.
 18. The method of claim 17, further comprising: requesting, by the system, authorization data associated with an extension of the temporary access in response the determining that the time period has expired.
 19. A system, comprising: a memory to store instructions; and a processor, coupled to the memory, that facilitates execution of the instructions to perform operations, comprising: in response to determining that a first user equipment associated with a first femto access point device is authorized to access a second femto access point device, and that a second user equipment associated with the second femto access point device is authorized to access a third femto access point device, determining association data indicative of an association of the first femto access point device with the third femto access point device, based on the association data, determining a hierarchical access control data structure associated with the first femto access point device and the third femto access point device, wherein the determining the hierarchical access control data structure comprises compressing identifier data indicative of a first set of user equipments that is authorized to access the first femto access point device and a second set of user equipments that is authorized to access the second femto access point device, and facilitating storage of the hierarchical access control data structure.
 20. The system of claim 19, wherein the hierarchical access control data structure comprises a tree representation that is determined based on a first access control data structure associated with the first femto access point device and a second access control data structure associated with the third femto access point device.
 21. The system of claim 19, wherein the determining the hierarchical access control data structure comprises determining the hierarchical access control data structure by employing data compression.
 22. The system of claim 19, wherein the data compression comprises wavelet compression.
 23. A non-transitory computer readable storage medium having instructions stored thereon that, in response to execution, cause a system comprising a processor to perform operations, comprising: determining association data indicative of an association between access control data structures associated with respective femto access point devices, wherein the access control data structures comprise identifier data associated with user equipments that are authorized to access the respective femto access point devices; and facilitating storage of the access control data structures based on the association data, wherein the facilitating comprises compressing the identifier data based on the association data.
 24. The non-transitory computer readable storage medium of claim 23, wherein the facilitating comprises determining a hierarchical representation of the access control data structures based on the association data.
 25. The non-transitory computer readable storage medium of claim 23, wherein the compressing comprises compressing the identifier data based on wavelet compression. 